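// Source: github.com/aacfactory/fns@v1.2.86-0.20240310083819-80d667fc0a17/cmd/fns/ssc/command.go

/*
 * Copyright 2023 Wang Min Xiang
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */

package ssc

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"

	"github.com/aacfactory/afssl"
	"github.com/aacfactory/errors"
	"github.com/urfave/cli/v2"
)

// Command is the "ssc" sub-command. It generates a certificate and private
// key with afssl.GenerateCertificate (using the afssl.CA() option) and writes
// them as ca.crt and ca.key into the output directory given as the first
// positional argument (the current directory when omitted).
//
// Flags:
//   - cn:     common name placed in the certificate subject.
//   - sa:     key/signature algorithm; ECDSA, RSA, ED25519 or SM2
//     (case-insensitive, an empty value selects ECDSA).
//   - expire: validity in days; values below 1 fall back to 365.
//
// The private key file is written owner-only (0600). The certificate is not
// secret and keeps mode 0644.
var Command = &cli.Command{
	Name:    "ssc",
	Aliases: nil,
	// The command is registered as "ssc"; the usage line previously read "fns scc".
	Usage:       "fns ssc --sa=ECDSA --cn={CN} --expire={days} {output dir}",
	Description: "create self sign cert",
	ArgsUsage:   "",
	Category:    "",
	Flags: []cli.Flag{
		&cli.StringFlag{
			Name:     "cn",
			Required: true,
			Usage:    "CN",
		},
		&cli.StringFlag{
			Name:     "sa",
			Required: true,
			Usage:    "signature algorithm",
		},
		&cli.IntFlag{
			Name:     "expire",
			Required: true,
			Usage:    "expire days",
		},
	},
	Action: func(ctx *cli.Context) (err error) {
		const (
			// The certificate is public material.
			certFileMode = 0644
			// The private key must not be readable by other local users:
			// whoever can read ca.key can issue certificates under this CA.
			keyFileMode = 0600
		)

		// dst: resolve the output directory to an absolute, slash-separated path.
		dstDir := strings.TrimSpace(ctx.Args().First())
		if dstDir == "" {
			dstDir = "."
		}
		if !filepath.IsAbs(dstDir) {
			// Keep the user-supplied value intact so the error metadata
			// reports the path that failed rather than an empty string.
			absDir, absErr := filepath.Abs(dstDir)
			if absErr != nil {
				err = errors.Warning("fns: create self sign cert").WithCause(absErr).WithMeta("dir", dstDir)
				return
			}
			dstDir = absDir
		}
		dstDir = filepath.ToSlash(dstDir)

		// cn
		cn := ctx.String("cn")

		// sa: map the requested algorithm name to an afssl key type.
		var keyType afssl.KeyType
		sa := strings.ToUpper(ctx.String("sa"))
		switch sa {
		case "ECDSA", "":
			keyType = afssl.ECDSA()
		case "RSA":
			keyType = afssl.RSA()
		case "ED25519":
			keyType = afssl.ED25519()
		case "SM2":
			keyType = afssl.SM2()
		default:
			err = errors.Warning("fns: create self sign cert").WithCause(fmt.Errorf("sa is not supported")).WithMeta("sa", sa)
			return
		}

		// expire: non-positive values fall back to one year.
		expire := ctx.Int("expire")
		if expire < 1 {
			expire = 365
		}

		config := afssl.CertificateConfig{
			Subject: &afssl.CertificatePkixName{
				CommonName: cn,
			},
			IPs:      nil,
			Emails:   nil,
			DNSNames: nil,
		}
		cert, key, genErr := afssl.GenerateCertificate(config, afssl.CA(), afssl.WithKeyType(keyType), afssl.WithExpirationDays(expire))
		if genErr != nil {
			err = errors.Warning("fns: create self sign cert").WithCause(genErr)
			return
		}

		err = os.WriteFile(filepath.Join(dstDir, "ca.crt"), cert, certFileMode)
		if err != nil {
			err = errors.Warning("fns: create self sign cert").WithCause(err)
			return
		}

		keyPath := filepath.Join(dstDir, "ca.key")
		err = os.WriteFile(keyPath, key, keyFileMode)
		if err != nil {
			err = errors.Warning("fns: create self sign cert").WithCause(err)
			return
		}
		// os.WriteFile applies the mode only when it creates the file. An
		// existing ca.key (for example one written earlier with 0644) keeps
		// its old permissions, so tighten it explicitly.
		if chmodErr := os.Chmod(keyPath, keyFileMode); chmodErr != nil {
			err = errors.Warning("fns: create self sign cert").WithCause(chmodErr)
			return
		}

		fmt.Println("fns: create self sign cert created!")
		return
	},
}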